Hack the Marine Corps bug bounty program announced

SAN FRANCISCO. U.S. Department of Defense (DoD) and HackerOne officials launched the Department’s sixth bug bounty program, Hack the Marine Corps. The bug bounty challenge will focus on Marine Corps’ public-facing websites and services in order to harden the defenses of the Marine Corps Enterprise Network (MCEN). The bug bounty program will conclude on August 26, 2018.

The Marine Corps’ bug bounty program kicked off with a live-hacking event in Las Vegas, Nevada on August 12, 2018 coinciding with the world’s largest hacker and security conferences, Black Hat USA, DefCon and BSides Las Vegas. Nearly 100 hand-selected ethical hackers from the global security researcher community participated in nine straight hours of hacking Marine Corps public-facing websites and services for vulnerabilities.

During the launch event, expert security researchers were shoulder-to-shoulder with the Marines from U.S. Marine Corps Cyberspace Command (MARFORCYBER), representing both offensive and defensive cyber teams. Hackers filed 75 unique valid security vulnerability reports during the event and were awarded over $80,000 for helping further secure the MCEN, the Marine Corps’ portion of the DoD Information Network (DoDIN).

“Hack the Marine Corps allows us to leverage the talents of the global ethical hacker community to take an honest, hard look at our current cybersecurity posture. Our Marines need to operate against the best. What we learn from this program will assist the Marine Corps in improving our warfighting platform, the Marine Corps Enterprise Network. Working with the ethical hacker community provides us with a large return on investment to identify and mitigate current critical vulnerabilities, reduce attack surfaces, and minimize future vulnerabilities. It will make us more combat ready,” says Maj.Gen. Matthew Glavy, Commander, U.S. Marine Corps Forces Cyberspace Command.